1 /*
2  * Nokia N-series internet tablets.
3  *
4  * Copyright (C) 2007 Nokia Corporation
5  * Written by Andrzej Zaborowski <andrew@openedhand.com>
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License as
9  * published by the Free Software Foundation; either version 2 or
10  * (at your option) version 3 of the License.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License along
18  * with this program; if not, see <http://www.gnu.org/licenses/>.
19  */
20 
21 #include "qemu/osdep.h"
22 #include "qapi/error.h"
23 #include "cpu.h"
24 #include "chardev/char.h"
25 #include "qemu/cutils.h"
26 #include "qemu/bswap.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/runstate.h"
29 #include "sysemu/sysemu.h"
30 #include "hw/arm/omap.h"
31 #include "hw/arm/boot.h"
32 #include "hw/irq.h"
33 #include "ui/console.h"
34 #include "hw/boards.h"
35 #include "hw/i2c/i2c.h"
36 #include "hw/display/blizzard.h"
37 #include "hw/input/tsc2xxx.h"
38 #include "hw/misc/cbus.h"
39 #include "hw/misc/tmp105.h"
40 #include "hw/qdev-properties.h"
41 #include "hw/block/flash.h"
42 #include "hw/hw.h"
43 #include "hw/loader.h"
44 #include "hw/sysbus.h"
45 #include "qemu/log.h"
46 #include "exec/address-spaces.h"
47 
/*
 * Nokia N8x0 support
 *
 * Board-level state used by the setup helpers in this file.
 */
struct n800_s {
    /* SoC model; its gpio, i2c, mcspi, gpmc, dss, mmc and ih members are
     * dereferenced by the setup helpers below.  */
    struct omap_mpu_state_s *mpu;

    /* Display controller callbacks, filled in by n8x0_dss_setup().  */
    struct rfbi_chip_s blizzard;
    /* Touchscreen controller as seen from the McSPI bus.  */
    struct {
        void *opaque;   /* handle passed back as first argument of txrx */
        uint32_t (*txrx)(void *opaque, uint32_t value, int len);
        uWireSlave *chip;   /* assigned only by n800_tsc_kbd_setup() */
    } ts;

    /*
     * Reverse key lookup: indexed by (keycode & 0x7f), holds the device key
     * code or -1 when the key is unmapped.  The 0x80 size matches that mask,
     * so a masked index is always inside the array.
     */
    int keymap[0x80];
    DeviceState *kbd;   /* "lm8323" device, assigned by n810_kbd_setup() */

    DeviceState *usb;   /* "tusb6010" device */
    void *retu;         /* handle returned by retu_init() */
    void *tahvo;        /* handle returned by tahvo_init() */
    DeviceState *nand;  /* "onenand" device */
};
67 
/*
 * GPIO pins
 *
 * The N800_, N810_ and N8X0_ prefixes name the model a pin assignment
 * belongs to.  Several pin numbers appear twice (9, 12, 23, 94, 95, 109,
 * 110, 112 and 118) because the two models give the same pin a different
 * function.
 */
#define N8X0_TUSB_ENABLE_GPIO		0
#define N800_MMC2_WP_GPIO		8
#define N800_UNKNOWN_GPIO0		9	/* out */
#define N810_MMC2_VIOSD_GPIO		9
#define N810_HEADSET_AMP_GPIO		10
#define N800_CAM_TURN_GPIO		12
#define N810_GPS_RESET_GPIO		12
#define N800_BLIZZARD_POWERDOWN_GPIO	15
#define N800_MMC1_WP_GPIO		23
#define N810_MMC2_VSD_GPIO		23
#define N8X0_ONENAND_GPIO		26
#define N810_BLIZZARD_RESET_GPIO	30
#define N800_UNKNOWN_GPIO2		53	/* out */
#define N8X0_TUSB_INT_GPIO		58
#define N8X0_BT_WKUP_GPIO		61
#define N8X0_STI_GPIO			62
#define N8X0_CBUS_SEL_GPIO		64
#define N8X0_CBUS_DAT_GPIO		65
#define N8X0_CBUS_CLK_GPIO		66
#define N8X0_WLAN_IRQ_GPIO		87
#define N8X0_BT_RESET_GPIO		92
#define N8X0_TEA5761_CS_GPIO		93
#define N800_UNKNOWN_GPIO		94
#define N810_TSC_RESET_GPIO		94
#define N800_CAM_ACT_GPIO		95
#define N810_GPS_WAKEUP_GPIO		95
#define N8X0_MMC_CS_GPIO		96
#define N8X0_WLAN_PWR_GPIO		97
#define N8X0_BT_HOST_WKUP_GPIO		98
#define N810_SPEAKER_AMP_GPIO		101
#define N810_KB_LOCK_GPIO		102
#define N800_TSC_TS_GPIO		103
#define N810_TSC_TS_GPIO		106
#define N8X0_HEADPHONE_GPIO		107
#define N8X0_RETU_GPIO			108
#define N800_TSC_KP_IRQ_GPIO		109
#define N810_KEYBOARD_GPIO		109
#define N800_BAT_COVER_GPIO		110
#define N810_SLIDE_GPIO			110
#define N8X0_TAHVO_GPIO			111
#define N800_UNKNOWN_GPIO4		112	/* out */
#define N810_SLEEPX_LED_GPIO		112
#define N800_TSC_RESET_GPIO		118	/* ? */
#define N810_AIC33_RESET_GPIO		118
#define N800_TSC_UNKNOWN_GPIO		119	/* out */
#define N8X0_TMP105_GPIO		125

/* Config: UART indices; XLDR_LL_UART is written into the NOLO serial
 * console tag by n800_setup_nolo_tags().  */
#define BT_UART				0
#define XLDR_LL_UART			1

/* Addresses on the I2C bus 0 */
#define N810_TLV320AIC33_ADDR		0x18	/* Audio CODEC */
#define N8X0_TCM825x_ADDR		0x29	/* Camera */
#define N810_LP5521_ADDR		0x32	/* LEDs */
#define N810_TSL2563_ADDR		0x3d	/* Light sensor */
#define N810_LM8323_ADDR		0x45	/* Keyboard */
/* Addresses on the I2C bus 1 */
/* NOTE(review): n8x0_i2c_setup() attaches both devices below through
 * omap_i2c_bus(s->mpu->i2c[0]); confirm how the "bus 0"/"bus 1" labels
 * here map onto the i2c[] array index.  */
#define N8X0_TMP105_ADDR		0x48	/* Temperature sensor */
#define N8X0_MENELAUS_ADDR		0x72	/* Power management */

/* Chipselects on GPMC NOR interface */
#define N8X0_ONENAND_CS			0
#define N8X0_USB_ASYNC_CS		1
#define N8X0_USB_SYNC_CS		4

/* Six address bytes appended to the "bt-id" calibration record
 * (n8x0_cal_bt_id).  Being a compile-time constant, it is the same for
 * every machine instance built from this file.  */
#define N8X0_BD_ADDR			0x00, 0x1a, 0x89, 0x9e, 0x3e, 0x81
136 
/*
 * GPIO handler for the MMC chip-select line.
 *
 * opaque is the struct omap_mmc_s registered with qemu_allocate_irq() in
 * n8x0_gpio_setup().  The line is active low: the controller is enabled
 * when level is 0.  The line argument is unused.
 */
static void n800_mmc_cs_cb(void *opaque, int line, int level)
{
    struct omap_mmc_s *mmc = opaque;
    int enable = !level;

    /* TODO: this seems to actually be connected to the menelaus, to
     * which also both MMC slots connect.  */
    omap_mmc_enable(mmc, enable);
}
143 
/*
 * Wire up the board-level GPIOs that have no dedicated device model:
 * route the MMC chip-select output to n800_mmc_cs_cb() and drive the
 * battery-cover input low.
 */
static void n8x0_gpio_setup(struct n800_s *s)
{
    DeviceState *gpio = s->mpu->gpio;
    qemu_irq mmc_cs = qemu_allocate_irq(n800_mmc_cs_cb, s->mpu->mmc, 0);
    qemu_irq bat_cover;

    qdev_connect_gpio_out(gpio, N8X0_MMC_CS_GPIO, mmc_cs);

    bat_cover = qdev_get_gpio_in(gpio, N800_BAT_COVER_GPIO);
    qemu_irq_lower(bat_cover);
}
150 
/*
 * Expands to the first 24 bytes of a calibration record: the ASCII bytes
 * "ConF", the bytes 0x02 0x00 0x04 0x00, the eight name bytes passed as
 * arguments, and eight zero bytes.  The expansion ends with a comma so the
 * record payload can follow directly inside an array initializer.
 */
#define MAEMO_CAL_HEADER(...)				\
    'C',  'o',  'n',  'F',  0x02, 0x00, 0x04, 0x00,	\
    __VA_ARGS__,					\
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

/*
 * "wlan-mac" record, copied to offset 0x000 of the OneNAND OTP region by
 * n8x0_nand_setup().  The payload is a fixed constant, so every machine
 * instance carries the same record.
 * NOTE(review): the leading 0x1c looks like a little-endian payload length
 * and the trailing words look like one address octet per 32-bit word;
 * neither is established by this file -- confirm against the CAL format.
 */
static const uint8_t n8x0_cal_wlan_mac[] = {
    MAEMO_CAL_HEADER('w', 'l', 'a', 'n', '-', 'm', 'a', 'c')
    0x1c, 0x00, 0x00, 0x00, 0x47, 0xd6, 0x69, 0xb3,
    0x30, 0x08, 0xa0, 0x83, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x1a, 0x00, 0x00, 0x00,
    0x89, 0x00, 0x00, 0x00, 0x9e, 0x00, 0x00, 0x00,
    0x5d, 0x00, 0x00, 0x00, 0xc1, 0x00, 0x00, 0x00,
};

/*
 * "bt-id" record, copied to offset 0x800 of the OneNAND OTP region by
 * n8x0_nand_setup().  It ends with the six N8X0_BD_ADDR bytes, which are
 * likewise identical for every machine instance.
 */
static const uint8_t n8x0_cal_bt_id[] = {
    MAEMO_CAL_HEADER('b', 't', '-', 'i', 'd', 0, 0, 0)
    0x0a, 0x00, 0x00, 0x00, 0xa3, 0x4b, 0xf6, 0x96,
    0xa8, 0xeb, 0xb2, 0x41, 0x00, 0x00, 0x00, 0x00,
    N8X0_BD_ADDR,
};
171 
/*
 * Create the "onenand" flash device, back it with the first MTD drive when
 * one is configured, hook it to its GPIO interrupt and GPMC chip select,
 * and preload the two calibration records into its OTP region.
 *
 * Any property or realize failure is fatal (error_fatal).
 */
static void n8x0_nand_setup(struct n800_s *s)
{
    DeviceState *onenand = qdev_new("onenand");
    SysBusDevice *sbd = SYS_BUS_DEVICE(onenand);
    DriveInfo *mtd;
    char *otp;

    s->nand = onenand;

    qdev_prop_set_uint16(onenand, "manufacturer_id", NAND_MFR_SAMSUNG);
    /* Either 0x40 or 0x48 are OK for the device ID */
    qdev_prop_set_uint16(onenand, "device_id", 0x48);
    qdev_prop_set_uint16(onenand, "version_id", 0);
    qdev_prop_set_int32(onenand, "shift", 1);

    /* The backing drive is optional; without it no "drive" is set.  */
    mtd = drive_get(IF_MTD, 0, 0);
    if (mtd != NULL) {
        qdev_prop_set_drive_err(onenand, "drive", blk_by_legacy_dinfo(mtd),
                                &error_fatal);
    }

    sysbus_realize_and_unref(sbd, &error_fatal);
    sysbus_connect_irq(sbd, 0,
                       qdev_get_gpio_in(s->mpu->gpio, N8X0_ONENAND_GPIO));
    omap_gpmc_attach(s->mpu->gpmc, N8X0_ONENAND_CS,
                     sysbus_mmio_get_region(sbd, 0));

    /*
     * The copies below are sized by the constant records themselves.
     * NOTE(review): the size of the buffer returned by onenand_raw_otp()
     * is not visible here; the second copy assumes it extends past
     * 0x800 + sizeof(n8x0_cal_bt_id) -- confirm against the device model.
     */
    otp = onenand_raw_otp(onenand);
    memcpy(otp + 0x000, n8x0_cal_wlan_mac, sizeof(n8x0_cal_wlan_mac));
    memcpy(otp + 0x800, n8x0_cal_bt_id, sizeof(n8x0_cal_bt_id));
    /* XXX: in theory should also update the OOB for both pages */
}
199 
/* Line raised on a powerdown notification; assigned in n8x0_i2c_setup().  */
static qemu_irq n8x0_system_powerdown;

/*
 * Powerdown notifier callback: raises n8x0_system_powerdown.  Neither
 * argument is used.
 */
static void n8x0_powerdown_req(Notifier *n, void *opaque)
{
    qemu_irq powerdown_line = n8x0_system_powerdown;

    qemu_irq_raise(powerdown_line);
}

/* Registered with qemu_register_powerdown_notifier() in n8x0_i2c_setup().  */
static Notifier n8x0_system_powerdown_notifier = {
    .notify = n8x0_powerdown_req,
};
210 
/*
 * Populate the I2C bus obtained from s->mpu->i2c[0] with the "twl92230"
 * power-management chip and the TMP105 sensor, and register the powerdown
 * notifier that drives the power-management chip's input 3.
 */
static void n8x0_i2c_setup(struct n800_s *s)
{
    qemu_irq tmp105_irq = qdev_get_gpio_in(s->mpu->gpio, N8X0_TMP105_GPIO);
    I2CBus *bus = omap_i2c_bus(s->mpu->i2c[0]);
    DeviceState *menelaus;
    DeviceState *tmp105;
    qemu_irq sys_nirq;

    /* Attach a menelaus PM chip */
    menelaus = DEVICE(i2c_slave_create_simple(bus, "twl92230",
                                              N8X0_MENELAUS_ADDR));
    sys_nirq = qdev_get_gpio_in(s->mpu->ih[0], OMAP_INT_24XX_SYS_NIRQ);
    qdev_connect_gpio_out(menelaus, 3, sys_nirq);

    /* The notifier reads this file-scope line, so set it before
     * registering.  */
    n8x0_system_powerdown = qdev_get_gpio_in(menelaus, 3);
    qemu_register_powerdown_notifier(&n8x0_system_powerdown_notifier);

    /* Attach a TMP105 PM chip (A0 wired to ground) */
    tmp105 = DEVICE(i2c_slave_create_simple(bus, TYPE_TMP105,
                                            N8X0_TMP105_ADDR));
    qdev_connect_gpio_out(tmp105, 0, tmp105_irq);
}
230 
/*
 * Touchscreen and keypad controller
 *
 * Pointer calibration data handed to the touchscreen models:
 * n800_pointercal via tsc210x_set_transform(), n810_pointercal via
 * tsc2005_set_transform().  .x and .y are 800 and 480, the same dimensions
 * n800_dss_init() uses for the blank framebuffer.
 * NOTE(review): the meaning of the seven .a coefficients is defined by
 * MouseTransformInfo's consumers, not by this file.
 */
static MouseTransformInfo n800_pointercal = {
    .x = 800,
    .y = 480,
    .a = { 14560, -68, -3455208, -39, -9621, 35152972, 65536 },
};

static MouseTransformInfo n810_pointercal = {
    .x = 800,
    .y = 480,
    .a = { 15041, 148, -4731056, 171, -10238, 35933380, 65536 },
};

/* Key code (after masking with 0x7f) that the key event handlers forward
 * to retu_key_event() when it has no entry in the keymap.  */
#define RETU_KEYCODE	61	/* F3 */
245 
/*
 * N800 keyboard event handler, registered by n800_tsc_kbd_setup().
 *
 * opaque is the struct n800_s.  Bit 7 of keycode set means "released";
 * the low seven bits select the keymap slot.  Mapped keys go to the
 * touchscreen/keypad chip, RETU_KEYCODE goes to the Retu model, and
 * anything else is dropped.
 */
static void n800_key_event(void *opaque, int keycode)
{
    struct n800_s *s = opaque;
    /* Masking keeps the index inside keymap[0x80] for any keycode value.  */
    const int scancode = keycode & 0x7f;
    const int pressed = !(keycode & 0x80);
    const int code = s->keymap[scancode];

    if (code != -1) {
        tsc210x_key_event(s->ts.chip, code, pressed);
        return;
    }

    if (scancode == RETU_KEYCODE) {
        retu_key_event(s->retu, pressed);
    }
}
260 
/*
 * N800 keypad map.  The array index is the key number later passed to
 * tsc210x_key_event(); the value is the keycode (already within 0..0x7f)
 * that triggers it, or -1 for an unused position.  n800_tsc_kbd_setup()
 * inverts this table into s->keymap[], which is why every non-negative
 * value here must stay below 0x80.
 */
static const int n800_keys[16] = {
    -1,
    72,	/* Up */
    63,	/* Home (F5) */
    -1,
    75,	/* Left */
    28,	/* Enter */
    77,	/* Right */
    -1,
     1,	/* Cycle (ESC) */
    80,	/* Down */
    62,	/* Menu (F4) */
    -1,
    66,	/* Zoom- (F8) */
    64,	/* FullScreen (F6) */
    65,	/* Zoom+ (F7) */
    -1,
};
279 
/*
 * Create the N800 touchscreen/keypad controller, build the reverse key
 * lookup table from n800_keys[], install the keyboard handler and apply
 * the pointer calibration.
 */
static void n800_tsc_kbd_setup(struct n800_s *s)
{
    /* XXX: are the three pins inverted inside the chip between the
     * tsc and the cpu (N4111)?  */
    qemu_irq penirq = NULL;	/* NC */
    qemu_irq kbirq = qdev_get_gpio_in(s->mpu->gpio, N800_TSC_KP_IRQ_GPIO);
    qemu_irq dav = qdev_get_gpio_in(s->mpu->gpio, N800_TSC_TS_GPIO);
    size_t slot;

    s->ts.chip = tsc2301_init(penirq, kbirq, dav);
    s->ts.opaque = s->ts.chip->opaque;
    s->ts.txrx = tsc210x_txrx;

    /* Every slot starts out unmapped.  */
    for (slot = 0; slot < ARRAY_SIZE(s->keymap); slot++) {
        s->keymap[slot] = -1;
    }

    /* Invert n800_keys[]: keymap[keycode] = keypad position.  Negative
     * entries mark unused positions and are never used as an index.  */
    for (slot = 0; slot < ARRAY_SIZE(n800_keys); slot++) {
        int keycode = n800_keys[slot];

        if (keycode < 0) {
            continue;
        }
        s->keymap[keycode] = slot;
    }

    qemu_add_kbd_event_handler(n800_key_event, s);

    tsc210x_set_transform(s->ts.chip, &n800_pointercal);
}
307 
/*
 * Create the N810 touchscreen controller and apply its pointer
 * calibration.  Only s->ts.opaque and s->ts.txrx are filled in here;
 * s->ts.chip is left untouched.
 */
static void n810_tsc_setup(struct n800_s *s)
{
    qemu_irq pintdav = qdev_get_gpio_in(s->mpu->gpio, N810_TSC_TS_GPIO);
    void *tsc = tsc2005_init(pintdav);

    s->ts.txrx = tsc2005_txrx;
    s->ts.opaque = tsc;

    tsc2005_set_transform(tsc, &n810_pointercal);
}
317 
318 /* N810 Keyboard controller */
/*
 * N810 keyboard event handler, registered by n810_kbd_setup().
 *
 * opaque is the struct n800_s.  Bit 7 of keycode set means "released";
 * the low seven bits select the keymap slot.  Mapped keys go to the
 * keyboard controller in s->kbd, RETU_KEYCODE goes to the Retu model, and
 * anything else is dropped.
 */
static void n810_key_event(void *opaque, int keycode)
{
    struct n800_s *s = opaque;
    /* Masking keeps the index inside keymap[0x80] for any keycode value.  */
    const int scancode = keycode & 0x7f;
    const int pressed = !(keycode & 0x80);
    const int code = s->keymap[scancode];

    if (code != -1) {
        lm832x_key_event(s->kbd, code, pressed);
        return;
    }

    if (scancode == RETU_KEYCODE) {
        retu_key_event(s->retu, pressed);
    }
}
333 
/* Marker OR-ed into some entries below; it is defined as 0, so it does not
 * change any value.  */
#define M	0

/*
 * N810 keyboard map.  The array index is the key code later passed to
 * lm832x_key_event(); the value is the keycode that triggers it.  Entries
 * left out of the initializer are 0, and n810_kbd_setup() skips every
 * entry that is not greater than 0, so 0 means "no mapping".  Each value
 * is used as an index into s->keymap[0x80] and therefore must stay below
 * 0x80.  The table is only read in the code visible here although it is
 * not declared const.
 */
static int n810_keys[0x80] = {
    [0x01] = 16,	/* Q */
    [0x02] = 37,	/* K */
    [0x03] = 24,	/* O */
    [0x04] = 25,	/* P */
    [0x05] = 14,	/* Backspace */
    [0x06] = 30,	/* A */
    [0x07] = 31,	/* S */
    [0x08] = 32,	/* D */
    [0x09] = 33,	/* F */
    [0x0a] = 34,	/* G */
    [0x0b] = 35,	/* H */
    [0x0c] = 36,	/* J */

    [0x11] = 17,	/* W */
    [0x12] = 62,	/* Menu (F4) */
    [0x13] = 38,	/* L */
    [0x14] = 40,	/* ' (Apostrophe) */
    [0x16] = 44,	/* Z */
    [0x17] = 45,	/* X */
    [0x18] = 46,	/* C */
    [0x19] = 47,	/* V */
    [0x1a] = 48,	/* B */
    [0x1b] = 49,	/* N */
    [0x1c] = 42,	/* Shift (Left shift) */
    [0x1f] = 65,	/* Zoom+ (F7) */

    [0x21] = 18,	/* E */
    [0x22] = 39,	/* ; (Semicolon) */
    [0x23] = 12,	/* - (Minus) */
    [0x24] = 13,	/* = (Equal) */
    [0x2b] = 56,	/* Fn (Left Alt) */
    [0x2c] = 50,	/* M */
    [0x2f] = 66,	/* Zoom- (F8) */

    [0x31] = 19,	/* R */
    [0x32] = 29 | M,	/* Right Ctrl */
    [0x34] = 57,	/* Space */
    [0x35] = 51,	/* , (Comma) */
    [0x37] = 72 | M,	/* Up */
    [0x3c] = 82 | M,	/* Compose (Insert) */
    [0x3f] = 64,	/* FullScreen (F6) */

    [0x41] = 20,	/* T */
    [0x44] = 52,	/* . (Dot) */
    [0x46] = 77 | M,	/* Right */
    [0x4f] = 63,	/* Home (F5) */
    [0x51] = 21,	/* Y */
    [0x53] = 80 | M,	/* Down */
    [0x55] = 28,	/* Enter */
    [0x5f] =  1,	/* Cycle (ESC) */

    [0x61] = 22,	/* U */
    [0x64] = 75 | M,	/* Left */

    [0x71] = 23,	/* I */
    /* The disabled branch would map this key to 28 (Enter); the active
     * branch maps it to 15 (Tab).  */
#if 0
    [0x75] = 28 | M,	/* KP Enter (KP Enter) */
#else
    [0x75] = 15,	/* KP Enter (Tab) */
#endif
};

#undef M
400 
/*
 * Build the reverse key lookup table from n810_keys[], install the N810
 * keyboard handler and attach the "lm8323" keyboard controller to the I2C
 * bus obtained from s->mpu->i2c[0].
 */
static void n810_kbd_setup(struct n800_s *s)
{
    qemu_irq kbd_irq = qdev_get_gpio_in(s->mpu->gpio, N810_KEYBOARD_GPIO);
    I2CBus *bus;
    size_t slot;

    /* Every slot starts out unmapped.  */
    for (slot = 0; slot < ARRAY_SIZE(s->keymap); slot++) {
        s->keymap[slot] = -1;
    }

    /* Invert n810_keys[]: keymap[keycode] = controller key code.  Entries
     * that are zero or negative carry no mapping and are skipped.  */
    for (slot = 0; slot < ARRAY_SIZE(n810_keys); slot++) {
        int keycode = n810_keys[slot];

        if (keycode <= 0) {
            continue;
        }
        s->keymap[keycode] = slot;
    }

    qemu_add_kbd_event_handler(n810_key_event, s);

    /* Attach the LM8322 keyboard to the I2C bus,
     * should happen in n8x0_i2c_setup and s->kbd be initialised here.  */
    bus = omap_i2c_bus(s->mpu->i2c[0]);
    s->kbd = DEVICE(i2c_slave_create_simple(bus, "lm8323", N810_LM8323_ADDR));
    qdev_connect_gpio_out(s->kbd, 0, kbd_irq);
}
423 
/*
 * LCD MIPI DBI-C controller (URAL)
 *
 * State of the command parser and of the display flags reported by the
 * read commands in mipid_txrx().
 */
struct mipid_s {
    int resp[4];    /* response bytes queued by the last read command */
    int param[4];   /* parameter bytes received for the current command */
    int p;          /* index of the next resp[] entry to return */
    int pm;         /* > 0: parameters still expected; 0: all parameters
                     * received; < 0: no parameter phase in progress */
    int cmd;        /* command currently being processed */

    /* Flags toggled by the corresponding commands and packed into the
     * status responses (RDDST, RDDPM, RDDIM, RDDSM, RDDSDR).  */
    int sleep;
    int booster;
    int te;
    int selfcheck;
    int partial;
    int normal;
    int vscr;
    int invert;
    int onoff;
    int gamma;
    uint32_t id;    /* 24-bit ID returned bytewise by RDDID / RDID1..3 */
};
444 
/*
 * Put the controller flags and the command parser into their reset state.
 * Used at creation time and for the SWRESET command.  The response queue
 * (resp[], p), param[] and id are left as they are.
 */
static void mipid_reset(struct mipid_s *s)
{
    const int selfcheck_reset =
            (1 << 7) |	/* Register loading OK.  */
            (1 << 5) |	/* The chip is attached.  */
            (1 << 4);	/* Display glass still in one piece.  */

    /* Command parser */
    s->cmd = 0;
    s->pm = 0;

    /* Flags that come up set */
    s->sleep = 1;
    s->normal = 1;
    s->onoff = 1;
    s->selfcheck = selfcheck_reset;

    /* Flags that come up clear */
    s->booster = 0;
    s->te = 0;
    s->partial = 0;
    s->vscr = 0;
    s->invert = 0;
    s->gamma = 0;
}
464 
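/*
 * SPI transfer callback of the LCD controller model, registered with
 * omap_mcspi_attach() in n8x0_spi_setup().
 *
 * opaque: the struct mipid_s returned by mipid_init().
 * cmd:    the word received; taken as a parameter while s->pm is positive,
 *         otherwise as a new command.
 * len:    word width in bits as reported by the SPI controller model.
 *
 * Returns the next queued response byte, or 0 once the queue is exhausted.
 * The byte is fetched before the incoming word is processed, so the
 * response to a read command is returned by the transfers that follow it.
 *
 * Both cmd and len originate from the bus side and are treated as
 * untrusted: a bad width or an unhandled command is logged and ignored
 * instead of stopping the emulator.
 */
static uint32_t mipid_txrx(void *opaque, uint32_t cmd, int len)
{
    struct mipid_s *s = (struct mipid_s *) opaque;
    uint8_t ret;

    if (len > 9) {
        /* Words wider than 9 bits are not handled.  Log and drop the word:
         * hw_error() here would let the transfer width alone abort the
         * whole emulator process.  */
        qemu_log_mask(LOG_GUEST_ERROR,
                      "%s: FIXME: bad SPI word width %i\n", __func__, len);
        return 0;
    }

    /* ARRAY_SIZE() is unsigned, so the comparison also rejects a negative
     * index.  */
    if (s->p >= ARRAY_SIZE(s->resp)) {
        ret = 0;
    } else {
        ret = s->resp[s->p++];
    }

    if (s->pm > 0) {
        /* Parameter phase: pm is only ever set to 1 or 2 below, so the
         * index stays inside param[4].  */
        s->param[--s->pm] = cmd;
    } else {
        /* New command.  Park the counter at -1 rather than decrementing it
         * on every transfer: all later checks only test its sign, and an
         * unbounded decrement would eventually wrap to a large positive
         * value and index param[] out of range.  */
        s->pm = -1;
        s->cmd = cmd;
    }

    switch (s->cmd) {
    case 0x00:	/* NOP */
        break;

    case 0x01:	/* SWRESET */
        mipid_reset(s);
        break;

    case 0x02:	/* BSTROFF */
        s->booster = 0;
        break;
    case 0x03:	/* BSTRON */
        s->booster = 1;
        break;

    case 0x04:	/* RDDID */
        s->p = 0;
        s->resp[0] = (s->id >> 16) & 0xff;
        s->resp[1] = (s->id >>  8) & 0xff;
        s->resp[2] = (s->id >>  0) & 0xff;
        break;

    case 0x06:	/* RD_RED */
    case 0x07:	/* RD_GREEN */
        /* XXX the bootloader sometimes issues RD_BLUE meaning RDDID so
         * for the bootloader one needs to change this.  */
    case 0x08:	/* RD_BLUE */
        s->p = 0;
        /* TODO: return first pixel components */
        s->resp[0] = 0x01;
        break;

    case 0x09:	/* RDDST */
        s->p = 0;
        s->resp[0] = s->booster << 7;
        s->resp[1] = (5 << 4) | (s->partial << 2) |
                (s->sleep << 1) | s->normal;
        s->resp[2] = (s->vscr << 7) | (s->invert << 5) |
                (s->onoff << 2) | (s->te << 1) | (s->gamma >> 2);
        s->resp[3] = s->gamma << 6;
        break;

    case 0x0a:	/* RDDPM */
        s->p = 0;
        s->resp[0] = (s->onoff << 2) | (s->normal << 3) | (s->sleep << 4) |
                (s->partial << 5) | (s->sleep << 6) | (s->booster << 7);
        break;
    case 0x0b:	/* RDDMADCTR */
        s->p = 0;
        s->resp[0] = 0;
        break;
    case 0x0c:	/* RDDCOLMOD */
        s->p = 0;
        s->resp[0] = 5;	/* 65K colours */
        break;
    case 0x0d:	/* RDDIM */
        s->p = 0;
        s->resp[0] = (s->invert << 5) | (s->vscr << 7) | s->gamma;
        break;
    case 0x0e:	/* RDDSM */
        s->p = 0;
        s->resp[0] = s->te << 7;
        break;
    case 0x0f:	/* RDDSDR */
        s->p = 0;
        s->resp[0] = s->selfcheck;
        break;

    case 0x10:	/* SLPIN */
        s->sleep = 1;
        break;
    case 0x11:	/* SLPOUT */
        s->sleep = 0;
        s->selfcheck ^= 1 << 6;	/* POFF self-diagnosis Ok */
        break;

    case 0x12:	/* PTLON */
        s->partial = 1;
        s->normal = 0;
        s->vscr = 0;
        break;
    case 0x13:	/* NORON */
        s->partial = 0;
        s->normal = 1;
        s->vscr = 0;
        break;

    case 0x20:	/* INVOFF */
        s->invert = 0;
        break;
    case 0x21:	/* INVON */
        s->invert = 1;
        break;

    case 0x22:	/* APOFF */
    case 0x23:	/* APON */
        goto bad_cmd;

    case 0x25:	/* WRCNTR */
        if (s->pm < 0) {
            s->pm = 1;
        }
        goto bad_cmd;

    case 0x26:	/* GAMSET */
        if (!s->pm) {
            s->gamma = ctz32(s->param[0] & 0xf);
            if (s->gamma == 32) {
                /* NOTE(review): the -1 stored here is later shifted and
                 * OR-ed into the RDDST and RDDIM response bytes; confirm
                 * that is the intended readback for an empty selection.  */
                s->gamma = -1; /* XXX: should this be 0? */
            }
        } else if (s->pm < 0) {
            s->pm = 1;
        }
        break;

    case 0x28:	/* DISPOFF */
        s->onoff = 0;
        break;
    case 0x29:	/* DISPON */
        s->onoff = 1;
        break;

    case 0x2a:	/* CASET */
    case 0x2b:	/* RASET */
    case 0x2c:	/* RAMWR */
    case 0x2d:	/* RGBSET */
    case 0x2e:	/* RAMRD */
    case 0x30:	/* PTLAR */
    case 0x33:	/* SCRLAR */
        goto bad_cmd;

    case 0x34:	/* TEOFF */
        s->te = 0;
        break;
    case 0x35:	/* TEON */
        if (!s->pm) {
            s->te = 1;
        } else if (s->pm < 0) {
            s->pm = 1;
        }
        break;

    case 0x36:	/* MADCTR */
        goto bad_cmd;

    case 0x37:	/* VSCSAD */
        s->partial = 0;
        s->normal = 0;
        s->vscr = 1;
        break;

    case 0x38:	/* IDMOFF */
    case 0x39:	/* IDMON */
    case 0x3a:	/* COLMOD */
        goto bad_cmd;

    case 0xb0:	/* CLKINT / DISCTL */
    case 0xb1:	/* CLKEXT */
        if (s->pm < 0) {
            s->pm = 2;
        }
        break;

    case 0xb4:	/* FRMSEL */
        break;

    case 0xb5:	/* FRM8SEL */
    case 0xb6:	/* TMPRNG / INIESC */
    case 0xb7:	/* TMPHIS / NOP2 */
    case 0xb8:	/* TMPREAD / MADCTL */
    case 0xba:	/* DISTCTR */
    case 0xbb:	/* EPVOL */
        goto bad_cmd;

    case 0xbd:	/* Unknown */
        s->p = 0;
        s->resp[0] = 0;
        s->resp[1] = 1;
        break;

    case 0xc2:	/* IFMOD */
        if (s->pm < 0) {
            s->pm = 2;
        }
        break;

    case 0xc6:	/* PWRCTL */
    case 0xc7:	/* PPWRCTL */
    case 0xd0:	/* EPWROUT */
    case 0xd1:	/* EPWRIN */
    case 0xd4:	/* RDEV */
    case 0xd5:	/* RDRR */
        goto bad_cmd;

    case 0xda:	/* RDID1 */
        s->p = 0;
        s->resp[0] = (s->id >> 16) & 0xff;
        break;
    case 0xdb:	/* RDID2 */
        s->p = 0;
        s->resp[0] = (s->id >>  8) & 0xff;
        break;
    case 0xdc:	/* RDID3 */
        s->p = 0;
        s->resp[0] = (s->id >>  0) & 0xff;
        break;

    default:
    bad_cmd:
        /* Unhandled and unknown commands are logged and otherwise
         * ignored.  */
        qemu_log_mask(LOG_GUEST_ERROR,
                      "%s: unknown command %02x\n", __func__, s->cmd);
        break;
    }

    return ret;
}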
701 
/*
 * Allocate a zero-filled LCD controller state, bring it to its reset
 * state and give it its fixed ID.  The caller receives ownership of the
 * returned pointer; no matching free is present in the code shown here.
 */
static void *mipid_init(void)
{
    struct mipid_s *lcd = g_malloc0(sizeof(*lcd));

    /* mipid_reset() does not touch id, so the order of these two steps
     * does not matter.  */
    mipid_reset(lcd);
    lcd->id = 0x838f03;

    return lcd;
}
711 
/*
 * Attach the two SPI slaves to s->mpu->mcspi[0]: the touchscreen
 * controller on chip select 0 and a freshly created LCD controller on chip
 * select 1.  s->ts.txrx and s->ts.opaque are read here, so one of the
 * touchscreen setup helpers has to run first.
 */
static void n8x0_spi_setup(struct n800_s *s)
{
    void *lcd = mipid_init();

    omap_mcspi_attach(s->mpu->mcspi[0], s->ts.txrx, s->ts.opaque, 0);
    omap_mcspi_attach(s->mpu->mcspi[0], mipid_txrx, lcd, 1);
}
720 
/*
 * Enable the Blizzard display controller.
 *
 * The bootloader normally does this; when a kernel is loaded directly the
 * same register sequence has to be replayed here, followed by one full
 * frame of 0xff bytes pushed through the display memory data port.
 */
static void n800_dss_init(struct rfbi_chip_s *chip)
{
    enum {
        FB_WIDTH = 800,
        FB_BYTES = 800 * 480 * 2,
    };
    /*
     * Arguments of each chip->write() call, issued strictly in this order.
     * NOTE(review): the first field looks like a register-select (0) versus
     * data (1) flag; its meaning is defined by rfbi_chip_s, not here.
     */
    static const struct {
        uint8_t dc;
        uint8_t value;
    } init_seq[] = {
        { 0, 0x2a },	/* LCD Width register */
        { 1, 0x64 },
        { 0, 0x2c },	/* LCD HNDP register */
        { 1, 0x1e },
        { 0, 0x2e },	/* LCD Height 0 register */
        { 1, 0xe0 },
        { 0, 0x30 },	/* LCD Height 1 register */
        { 1, 0x01 },
        { 0, 0x32 },	/* LCD VNDP register */
        { 1, 0x06 },
        { 0, 0x68 },	/* Display Mode register */
        { 1, 1 },	/* Enable bit */

        { 0, 0x6c },
        { 1, 0x00 },	/* Input X Start Position */
        { 1, 0x00 },	/* Input X Start Position */
        { 1, 0x00 },	/* Input Y Start Position */
        { 1, 0x00 },	/* Input Y Start Position */
        { 1, 0x1f },	/* Input X End Position */
        { 1, 0x03 },	/* Input X End Position */
        { 1, 0xdf },	/* Input Y End Position */
        { 1, 0x01 },	/* Input Y End Position */
        { 1, 0x00 },	/* Output X Start Position */
        { 1, 0x00 },	/* Output X Start Position */
        { 1, 0x00 },	/* Output Y Start Position */
        { 1, 0x00 },	/* Output Y Start Position */
        { 1, 0x1f },	/* Output X End Position */
        { 1, 0x03 },	/* Output X End Position */
        { 1, 0xdf },	/* Output Y End Position */
        { 1, 0x01 },	/* Output Y End Position */
        { 1, 0x01 },	/* Input Data Format */
        { 1, 0x01 },	/* Data Source Select */
    };
    uint8_t *fb_blank;
    size_t i;

    for (i = 0; i < sizeof(init_seq) / sizeof(init_seq[0]); i++) {
        chip->write(chip->opaque, init_seq[i].dc, init_seq[i].value);
    }

    /* The buffer length and the length passed to block() come from the
     * same constant, so the callback is never told to read past the
     * allocation.  */
    fb_blank = g_malloc(FB_BYTES);
    memset(fb_blank, 0xff, FB_BYTES);
    /* Display Memory Data Port */
    chip->block(chip->opaque, 1, fb_blank, FB_BYTES, FB_WIDTH);
    g_free(fb_blank);
}
765 
/*
 * Create the S1D13745 display controller, store its callbacks in
 * s->blizzard and attach that to the display subsystem as RFBI chip 0.
 */
static void n8x0_dss_setup(struct n800_s *s)
{
    struct rfbi_chip_s *chip = &s->blizzard;

    chip->opaque = s1d13745_init(NULL);
    chip->read = s1d13745_read;
    chip->write = s1d13745_write;
    chip->block = s1d13745_write_block;

    omap_rfbi_attach(s->mpu->dss, 0, chip);
}
775 
/*
 * Create the CBUS, connect its clock, data and select lines to the SoC
 * GPIOs, and attach the Retu and Tahvo models to it.  The handles of both
 * models are kept in s->retu and s->tahvo.
 */
static void n8x0_cbus_setup(struct n800_s *s)
{
    DeviceState *gpio = s->mpu->gpio;
    qemu_irq dat_out = qdev_get_gpio_in(gpio, N8X0_CBUS_DAT_GPIO);
    qemu_irq retu_irq = qdev_get_gpio_in(gpio, N8X0_RETU_GPIO);
    qemu_irq tahvo_irq = qdev_get_gpio_in(gpio, N8X0_TAHVO_GPIO);
    CBus *cbus = cbus_init(dat_out);

    /* The data pin is used in both directions: as cbus_init()'s output
     * above and as a GPIO output towards the bus here.  */
    qdev_connect_gpio_out(gpio, N8X0_CBUS_CLK_GPIO, cbus->clk);
    qdev_connect_gpio_out(gpio, N8X0_CBUS_DAT_GPIO, cbus->dat);
    qdev_connect_gpio_out(gpio, N8X0_CBUS_SEL_GPIO, cbus->sel);

    s->retu = retu_init(retu_irq, 1);
    cbus_attach(cbus, s->retu);

    s->tahvo = tahvo_init(tahvo_irq, 1);
    cbus_attach(cbus, s->tahvo);
}
791 
/*
 * Create the "tusb6010" USB controller, connect its interrupt to the SoC
 * GPIO, map its two MMIO regions on the GPMC chip selects and route the
 * enable GPIO to the controller's input 0.  A realize failure is fatal.
 */
static void n8x0_usb_setup(struct n800_s *s)
{
    DeviceState *tusb = qdev_new("tusb6010");
    SysBusDevice *sbd = SYS_BUS_DEVICE(tusb);
    qemu_irq tusb_int;
    qemu_irq tusb_pwr;

    s->usb = tusb;
    sysbus_realize_and_unref(sbd, &error_fatal);

    tusb_int = qdev_get_gpio_in(s->mpu->gpio, N8X0_TUSB_INT_GPIO);
    sysbus_connect_irq(sbd, 0, tusb_int);

    /* Using the NOR interface */
    omap_gpmc_attach(s->mpu->gpmc, N8X0_USB_ASYNC_CS,
                     sysbus_mmio_get_region(sbd, 0));
    omap_gpmc_attach(s->mpu->gpmc, N8X0_USB_SYNC_CS,
                     sysbus_mmio_get_region(sbd, 1));

    tusb_pwr = qdev_get_gpio_in(tusb, 0);	/* tusb_pwr */
    qdev_connect_gpio_out(s->mpu->gpio, N8X0_TUSB_ENABLE_GPIO, tusb_pwr);
}
808 
/* Setup done before the main bootloader starts by some early setup code
 * - used when we want to run the main bootloader in emulation.  This
 * isn't documented.
 *
 * The 104 words (416 bytes) are copied one by one with stl_p() into the
 * tag data area by n800_setup_nolo_tags(), as the payload of tag 0x6e01.
 * The table is only read in the code visible here although it is not
 * declared const.  */
static uint32_t n800_pinout[104] = {
    0x080f00d8, 0x00d40808, 0x03080808, 0x080800d0,
    0x00dc0808, 0x0b0f0f00, 0x080800b4, 0x00c00808,
    0x08080808, 0x180800c4, 0x00b80000, 0x08080808,
    0x080800bc, 0x00cc0808, 0x08081818, 0x18180128,
    0x01241800, 0x18181818, 0x000000f0, 0x01300000,
    0x00001b0b, 0x1b0f0138, 0x00e0181b, 0x1b031b0b,
    0x180f0078, 0x00740018, 0x0f0f0f1a, 0x00000080,
    0x007c0000, 0x00000000, 0x00000088, 0x00840000,
    0x00000000, 0x00000094, 0x00980300, 0x0f180003,
    0x0000008c, 0x00900f0f, 0x0f0f1b00, 0x0f00009c,
    0x01140000, 0x1b1b0f18, 0x0818013c, 0x01400008,
    0x00001818, 0x000b0110, 0x010c1800, 0x0b030b0f,
    0x181800f4, 0x00f81818, 0x00000018, 0x000000fc,
    0x00401808, 0x00000000, 0x0f1b0030, 0x003c0008,
    0x00000000, 0x00000038, 0x00340000, 0x00000000,
    0x1a080070, 0x00641a1a, 0x08080808, 0x08080060,
    0x005c0808, 0x08080808, 0x08080058, 0x00540808,
    0x08080808, 0x0808006c, 0x00680808, 0x08080808,
    0x000000a8, 0x00b00000, 0x08080808, 0x000000a0,
    0x00a40000, 0x00000000, 0x08ff0050, 0x004c0808,
    0xffffffff, 0xffff0048, 0x0044ffff, 0xffffffff,
    0x000000ac, 0x01040800, 0x08080b0f, 0x18180100,
    0x01081818, 0x0b0b1808, 0x1a0300e4, 0x012c0b1a,
    0x02020018, 0x0b000134, 0x011c0800, 0x0b1b1b00,
    0x0f0000c8, 0x00ec181b, 0x000f0f02, 0x00180118,
    0x01200000, 0x0f0b1b1b, 0x0f0200e8, 0x0000020b,
};
840 
/*
 * Write the boot information block and the NOLO tag list into SRAM.
 *
 * sram_base is the host pointer to the start of the SRAM backing store.
 * Three areas are written, all inside the window cleared by the memset:
 *   +0x8000  fixed header (name strings, RAM size, pointer to the tags)
 *   +0x9000  tag list: one 8-byte entry per ADD_TAG plus a zero terminator
 *   +0xa000  tag payloads, appended through v
 *
 * Nothing here checks the size of the buffer: the caller must pass a
 * region of at least 0xb000 bytes.  Every length is a compile-time
 * constant, so the amount written does not depend on guest input.
 * The arithmetic on void pointers relies on the GNU C extension that
 * treats them as byte pointers.
 */
static void n800_setup_nolo_tags(void *sram_base)
{
    int i;
    uint32_t *p = sram_base + 0x8000;   /* header words, later tag entries */
    uint32_t *v = sram_base + 0xa000;   /* next free payload word */

    memset(p, 0, 0x3000);

    /* All strings below are literals shorter than the gap to the next
     * field that must survive, except where noted.  */
    strcpy((void *) (p + 0), "QEMU N800");

    strcpy((void *) (p + 8), "F5");

    /* Order matters: "RX-34" plus its terminator is six bytes, so the
     * strcpy at p + 9 overwrites the first two bytes of the word stored at
     * p + 10 just before it.  */
    stl_p(p + 10, 0x04f70000);
    strcpy((void *) (p + 9), "RX-34");

    /* RAM size in MB? */
    stl_p(p + 12, 0x80);

    /* Pointer to the list of tags */
    stl_p(p + 13, OMAP2_SRAM_BASE + 0x9000);

    /* The NOLO tags start here */
    p = sram_base + 0x9000;
    /* Emit one tag entry at p: 16-bit tag, 16-bit len, then a 32-bit guest
     * address built from the current payload position v.  The macro expands
     * to several statements and is used only as a full statement; it is not
     * #undef'ed inside this function.  The len argument is written as given
     * and is not derived from the payload actually stored.  */
#define ADD_TAG(tag, len)				\
    stw_p((uint16_t *) p + 0, tag);			\
    stw_p((uint16_t *) p + 1, len); p++;		\
    stl_p(p++, OMAP2_SRAM_BASE | (((void *) v - sram_base) & 0xffff));

    /* OMAP STI console? Pin out settings? */
    /* NOTE(review): the declared length is 414 while the loop stores
     * ARRAY_SIZE(n800_pinout) * 4 = 416 bytes -- confirm which is meant.  */
    ADD_TAG(0x6e01, 414);
    for (i = 0; i < ARRAY_SIZE(n800_pinout); i++) {
        stl_p(v++, n800_pinout[i]);
    }

    /* Kernel memsize? */
    ADD_TAG(0x6e05, 1);
    stl_p(v++, 2);

    /* NOLO serial console */
    ADD_TAG(0x6e02, 4);
    stl_p(v++, XLDR_LL_UART);		/* UART number (1 - 3) */

#if 0
    /* CBUS settings (Retu/AVilma) */
    ADD_TAG(0x6e03, 6);
    stw_p((uint16_t *) v + 0, 65);	/* CBUS GPIO0 */
    stw_p((uint16_t *) v + 1, 66);	/* CBUS GPIO1 */
    stw_p((uint16_t *) v + 2, 64);	/* CBUS GPIO2 */
    v += 2;
#endif

    /* Nokia ASIC BB5 (Retu/Tahvo) */
    ADD_TAG(0x6e0a, 4);
    stw_p((uint16_t *) v + 0, 111);	/* "Retu" interrupt GPIO */
    stw_p((uint16_t *) v + 1, 108);	/* "Tahvo" interrupt GPIO */
    v++;

    /* LCD console? */
    ADD_TAG(0x6e04, 4);
    stw_p((uint16_t *) v + 0, 30);	/* ??? */
    stw_p((uint16_t *) v + 1, 24);	/* ??? */
    v++;

#if 0
    /* LCD settings */
    ADD_TAG(0x6e06, 2);
    stw_p((uint16_t *) (v++), 15);	/* ??? */
#endif

    /* I^2C (Menelaus) */
    ADD_TAG(0x6e07, 4);
    stl_p(v++, 0x00720000);		/* ??? */

    /* Unknown */
    ADD_TAG(0x6e0b, 6);
    stw_p((uint16_t *) v + 0, 94);	/* ??? */
    stw_p((uint16_t *) v + 1, 23);	/* ??? */
    stw_p((uint16_t *) v + 2, 0);	/* ??? */
    v += 2;

    /* OMAP gpio switch info */
    /* Each entry is a 12-byte name field (v += 3) followed by two 16-bit
     * values; the longest names used here are 10 bytes with terminator.  */
    ADD_TAG(0x6e0c, 80);
    strcpy((void *) v, "bat_cover");	v += 3;
    stw_p((uint16_t *) v + 0, 110);	/* GPIO num ??? */
    stw_p((uint16_t *) v + 1, 1);	/* GPIO num ??? */
    v += 2;
    strcpy((void *) v, "cam_act");	v += 3;
    stw_p((uint16_t *) v + 0, 95);	/* GPIO num ??? */
    stw_p((uint16_t *) v + 1, 32);	/* GPIO num ??? */
    v += 2;
    strcpy((void *) v, "cam_turn");	v += 3;
    stw_p((uint16_t *) v + 0, 12);	/* GPIO num ??? */
    stw_p((uint16_t *) v + 1, 33);	/* GPIO num ??? */
    v += 2;
    strcpy((void *) v, "headphone");	v += 3;
    stw_p((uint16_t *) v + 0, 107);	/* GPIO num ??? */
    stw_p((uint16_t *) v + 1, 17);	/* GPIO num ??? */
    v += 2;

    /* Bluetooth */
    ADD_TAG(0x6e0e, 12);
    stl_p(v++, 0x5c623d01);		/* ??? */
    stl_p(v++, 0x00000201);		/* ??? */
    stl_p(v++, 0x00000000);		/* ??? */

    /* CX3110x WLAN settings */
    ADD_TAG(0x6e0f, 8);
    stl_p(v++, 0x00610025);		/* ??? */
    stl_p(v++, 0xffff0057);		/* ??? */

    /* MMC host settings */
    ADD_TAG(0x6e10, 12);
    stl_p(v++, 0xffff000f);		/* ??? */
    stl_p(v++, 0xffffffff);		/* ??? */
    stl_p(v++, 0x00000060);		/* ??? */

    /* OneNAND chip select */
    ADD_TAG(0x6e11, 10);
    stl_p(v++, 0x00000401);		/* ??? */
    stl_p(v++, 0x0002003a);		/* ??? */
    stl_p(v++, 0x00000002);		/* ??? */

    /* TEA5761 sensor settings */
    ADD_TAG(0x6e12, 2);
    stl_p(v++, 93);			/* GPIO num ??? */

#if 0
    /* Unknown tag */
    ADD_TAG(6e09, 0);

    /* Kernel UART / console */
    ADD_TAG(6e12, 0);
#endif

    /* End of the list */
    stl_p(p++, 0x00000000);
    stl_p(p++, 0x00000000);
}
979 
/*
 * Program GPMC_CONFIG7_0.
 *
 * The bootloader normally sets up the GPMC mappings; when a kernel is
 * loaded directly the register has to be written here instead.  The
 * parameter s is not used.
 */
static void n800_gpmc_init(struct n800_s *s)
{
    const uint32_t mask_address = 0xf << 8;	/* MASKADDRESS */
    const uint32_t cs_valid = 1 << 6;		/* CSVALID */
    const uint32_t base_address = 4 << 0;	/* BASEADDRESS */
    const uint32_t gpmc_config7_0 = 0x6800a078;	/* GPMC_CONFIG7_0 */
    uint32_t config7 = mask_address | cs_valid | base_address;

    /* NOTE(review): the value is copied out in host byte order; confirm
     * this is what the target expects when the host is big-endian.  */
    cpu_physical_memory_write(gpmc_config7_0, &config7, sizeof(config7));
}
992 
/*
 * Setup sequence done by the bootloader.
 *
 * n8x0_init() registers this as a reset handler when a kernel is loaded
 * directly, so it stands in for the bootloader: it writes the PRCM register
 * values below into guest physical memory, then sets up the GPMC mapping,
 * the video side and one CPU field.  opaque is the machine's struct n800_s.
 */
static void n8x0_boot_init(void *opaque)
{
    struct n800_s *s = (struct n800_s *) opaque;
    uint32_t buf;

    /* PRCM setup */
    /*
     * The value is staged in buf because cpu_physical_memory_write() takes
     * a pointer to the data.
     * NOTE(review): omap_writel expands to two statements and is never
     * #undef'd, so it is only safe when used as a full statement (never as
     * the body of an unbraced if/else) and it stays defined for the rest of
     * the file.
     */
#define omap_writel(addr, val)	\
    buf = (val);			\
    cpu_physical_memory_write(addr, &buf, sizeof(buf))

    omap_writel(0x48008060, 0x41);		/* PRCM_CLKSRC_CTRL */
    omap_writel(0x48008070, 1);			/* PRCM_CLKOUT_CTRL */
    omap_writel(0x48008078, 0);			/* PRCM_CLKEMUL_CTRL */
    omap_writel(0x48008090, 0);			/* PRCM_VOLTSETUP */
    omap_writel(0x48008094, 0);			/* PRCM_CLKSSETUP */
    omap_writel(0x48008098, 0);			/* PRCM_POLCTRL */
    omap_writel(0x48008140, 2);			/* CM_CLKSEL_MPU */
    omap_writel(0x48008148, 0);			/* CM_CLKSTCTRL_MPU */
    omap_writel(0x48008158, 1);			/* RM_RSTST_MPU */
    omap_writel(0x480081c8, 0x15);		/* PM_WKDEP_MPU */
    omap_writel(0x480081d4, 0x1d4);		/* PM_EVGENCTRL_MPU */
    omap_writel(0x480081d8, 0);			/* PM_EVEGENONTIM_MPU */
    omap_writel(0x480081dc, 0);			/* PM_EVEGENOFFTIM_MPU */
    omap_writel(0x480081e0, 0xc);		/* PM_PWSTCTRL_MPU */
    omap_writel(0x48008200, 0x047e7ff7);	/* CM_FCLKEN1_CORE */
    omap_writel(0x48008204, 0x00000004);	/* CM_FCLKEN2_CORE */
    omap_writel(0x48008210, 0x047e7ff1);	/* CM_ICLKEN1_CORE */
    omap_writel(0x48008214, 0x00000004);	/* CM_ICLKEN2_CORE */
    omap_writel(0x4800821c, 0x00000000);	/* CM_ICLKEN4_CORE */
    omap_writel(0x48008230, 0);			/* CM_AUTOIDLE1_CORE */
    omap_writel(0x48008234, 0);			/* CM_AUTOIDLE2_CORE */
    omap_writel(0x48008238, 7);			/* CM_AUTOIDLE3_CORE */
    omap_writel(0x4800823c, 0);			/* CM_AUTOIDLE4_CORE */
    omap_writel(0x48008240, 0x04360626);	/* CM_CLKSEL1_CORE */
    omap_writel(0x48008244, 0x00000014);	/* CM_CLKSEL2_CORE */
    omap_writel(0x48008248, 0);			/* CM_CLKSTCTRL_CORE */
    omap_writel(0x48008300, 0x00000000);	/* CM_FCLKEN_GFX */
    omap_writel(0x48008310, 0x00000000);	/* CM_ICLKEN_GFX */
    omap_writel(0x48008340, 0x00000001);	/* CM_CLKSEL_GFX */
    omap_writel(0x48008400, 0x00000004);	/* CM_FCLKEN_WKUP */
    omap_writel(0x48008410, 0x00000004);	/* CM_ICLKEN_WKUP */
    omap_writel(0x48008440, 0x00000000);	/* CM_CLKSEL_WKUP */
    omap_writel(0x48008500, 0x000000cf);	/* CM_CLKEN_PLL */
    omap_writel(0x48008530, 0x0000000c);	/* CM_AUTOIDLE_PLL */
    omap_writel(0x48008540,			/* CM_CLKSEL1_PLL */
                    (0x78 << 12) | (6 << 8));
    omap_writel(0x48008544, 2);			/* CM_CLKSEL2_PLL */

    /* GPMC setup */
    n800_gpmc_init(s);

    /* Video setup */
    n800_dss_init(&s->blizzard);

    /* CPU setup */
    s->mpu->cpu->env.GE = 0x5;

    /* If the machine has a sliding keyboard (s->kbd is set), open it */
    if (s->kbd) {
        qemu_irq_raise(qdev_get_gpio_in(s->mpu->gpio, N810_SLIDE_GPIO));
    }
}
1056 
/* 16-bit tag ids written at the start of the matching records by
 * n8x0_atag_setup() below.  */
#define OMAP_TAG_NOKIA_BT	0x4e01
#define OMAP_TAG_WLAN_CX3110X	0x4e02
#define OMAP_TAG_CBUS		0x4e03
#define OMAP_TAG_EM_ASIC_BB5	0x4e04
1061 
/*
 * GPIO switch descriptions for the two models.  n8x0_atag_setup() emits one
 * OMAP_TAG_GPIO_SWITCH record per entry and stops at the first entry whose
 * name is NULL.  Each name is copied with strcpy() into a 12-byte field
 * there, so a name must stay at 11 characters or fewer.
 */
static struct omap_gpiosw_info_s {
    const char *name;   /* switch name copied into the record */
    int line;           /* GPIO line number */
    int type;           /* OMAP_GPIOSW_* type and flag bits */
} n800_gpiosw_info[] = {
    {
        .name = "bat_cover",
        .line = N800_BAT_COVER_GPIO,
        .type = OMAP_GPIOSW_TYPE_COVER | OMAP_GPIOSW_INVERTED,
    },
    {
        .name = "cam_act",
        .line = N800_CAM_ACT_GPIO,
        .type = OMAP_GPIOSW_TYPE_ACTIVITY,
    },
    {
        .name = "cam_turn",
        .line = N800_CAM_TURN_GPIO,
        .type = OMAP_GPIOSW_TYPE_ACTIVITY | OMAP_GPIOSW_INVERTED,
    },
    {
        .name = "headphone",
        .line = N8X0_HEADPHONE_GPIO,
        .type = OMAP_GPIOSW_TYPE_CONNECTION | OMAP_GPIOSW_INVERTED,
    },
    { .name = NULL }    /* end of table */
}, n810_gpiosw_info[] = {
    {
        .name = "gps_reset",
        .line = N810_GPS_RESET_GPIO,
        .type = OMAP_GPIOSW_TYPE_ACTIVITY | OMAP_GPIOSW_OUTPUT,
    },
    {
        .name = "gps_wakeup",
        .line = N810_GPS_WAKEUP_GPIO,
        .type = OMAP_GPIOSW_TYPE_ACTIVITY | OMAP_GPIOSW_OUTPUT,
    },
    {
        .name = "headphone",
        .line = N8X0_HEADPHONE_GPIO,
        .type = OMAP_GPIOSW_TYPE_CONNECTION | OMAP_GPIOSW_INVERTED,
    },
    {
        .name = "kb_lock",
        .line = N810_KB_LOCK_GPIO,
        .type = OMAP_GPIOSW_TYPE_COVER | OMAP_GPIOSW_INVERTED,
    },
    {
        .name = "sleepx_led",
        .line = N810_SLEEPX_LED_GPIO,
        .type = OMAP_GPIOSW_TYPE_ACTIVITY | OMAP_GPIOSW_INVERTED |
                OMAP_GPIOSW_OUTPUT,
    },
    {
        .name = "slide",
        .line = N810_SLIDE_GPIO,
        .type = OMAP_GPIOSW_TYPE_COVER | OMAP_GPIOSW_INVERTED,
    },
    { .name = NULL }    /* end of table */
};
1103 
/*
 * Flash partition layout per model.  n8x0_atag_setup() emits one
 * OMAP_TAG_PARTITION record per entry and stops at the first entry whose
 * name is NULL.  In both tables each partition starts where the previous
 * one ends, and the last one ends at 0x10000000.  Each name is copied with
 * strcpy() into a 16-byte field, so it must stay at 15 characters or fewer.
 */
static struct omap_partition_info_s {
    uint32_t offset;    /* start offset of the partition */
    uint32_t size;      /* length in bytes */
    int mask;           /* written as mask_flags */
    const char *name;   /* partition name copied into the record */
} n800_part_info[] = {
    { .name = "bootloader", .offset = 0x00000000, .size = 0x00020000,
      .mask = 0x3 },
    { .name = "config",     .offset = 0x00020000, .size = 0x00060000,
      .mask = 0x0 },
    { .name = "kernel",     .offset = 0x00080000, .size = 0x00200000,
      .mask = 0x0 },
    { .name = "initfs",     .offset = 0x00280000, .size = 0x00200000,
      .mask = 0x3 },
    { .name = "rootfs",     .offset = 0x00480000, .size = 0x0fb80000,
      .mask = 0x3 },

    { .name = NULL, .offset = 0, .size = 0, .mask = 0 }  /* end of table */
}, n810_part_info[] = {
    { .name = "bootloader", .offset = 0x00000000, .size = 0x00020000,
      .mask = 0x3 },
    { .name = "config",     .offset = 0x00020000, .size = 0x00060000,
      .mask = 0x0 },
    { .name = "kernel",     .offset = 0x00080000, .size = 0x00220000,
      .mask = 0x0 },
    { .name = "initfs",     .offset = 0x002a0000, .size = 0x00400000,
      .mask = 0x0 },
    { .name = "rootfs",     .offset = 0x006a0000, .size = 0x0f960000,
      .mask = 0x0 },

    { .name = NULL, .offset = 0, .size = 0, .mask = 0 }  /* end of table */
};
1126 
/* Bluetooth device address; n8x0_atag_setup() copies these 6 bytes into the
 * OMAP_TAG_NOKIA_BT record.  Initialised from N8X0_BD_ADDR at build time.  */
static uint8_t n8x0_bd_addr[6] = { N8X0_BD_ADDR };
1128 
/*
 * Fill p with the board-specific configuration records for an N800 or N810.
 *
 * Records are written back to back.  Each starts with a 16-bit tag and a
 * 16-bit length, followed by the payload.  model selects the GPIO switch
 * and partition tables and a few values: 810 picks the N810 variants, any
 * other value the N800 ones.
 *
 * Returns the number of bytes between p and the final write position.
 *
 * NOTE(review): the capacity of p is not passed in and nothing here checks
 * it; the amount written is fixed by the tables and literals used below.
 * Confirm that the caller's buffer is large enough.
 * NOTE(review): string fields are filled with strcpy() and padding is
 * skipped with a bare w++, so the bytes after a terminating NUL and the
 * padding keep whatever p already held.  If the caller does not zero p
 * first, stale host memory could end up in the guest-visible record list;
 * confirm against the caller.
 */
static int n8x0_atag_setup(void *p, int model)
{
    uint8_t *b;
    uint16_t *w;
    uint32_t *l;
    struct omap_gpiosw_info_s *gpiosw;
    struct omap_partition_info_s *partition;
    const char *tag;

    w = p;

    stw_p(w++, OMAP_TAG_UART);			/* u16 tag */
    stw_p(w++, 4);				/* u16 len */
    stw_p(w++, (1 << 2) | (1 << 1) | (1 << 0)); /* uint enabled_uarts */
    /* Skip the upper half of the 4-byte payload without writing it */
    w++;

#if 0
    stw_p(w++, OMAP_TAG_SERIAL_CONSOLE);	/* u16 tag */
    stw_p(w++, 4);				/* u16 len */
    stw_p(w++, XLDR_LL_UART + 1);		/* u8 console_uart */
    stw_p(w++, 115200);				/* u32 console_speed */
#endif

    stw_p(w++, OMAP_TAG_LCD);			/* u16 tag */
    stw_p(w++, 36);				/* u16 len */
    /* Both literals fit their 16-byte fields, terminating NUL included */
    strcpy((void *) w, "QEMU LCD panel");	/* char panel_name[16] */
    w += 8;
    strcpy((void *) w, "blizzard");		/* char ctrl_name[16] */
    w += 8;
    stw_p(w++, N810_BLIZZARD_RESET_GPIO);	/* TODO: n800 s16 nreset_gpio */
    stw_p(w++, 24);				/* u8 data_lines */

    stw_p(w++, OMAP_TAG_CBUS);			/* u16 tag */
    stw_p(w++, 8);				/* u16 len */
    stw_p(w++, N8X0_CBUS_CLK_GPIO);		/* s16 clk_gpio */
    stw_p(w++, N8X0_CBUS_DAT_GPIO);		/* s16 dat_gpio */
    stw_p(w++, N8X0_CBUS_SEL_GPIO);		/* s16 sel_gpio */
    /* Two bytes of padding, left unwritten */
    w++;

    stw_p(w++, OMAP_TAG_EM_ASIC_BB5);		/* u16 tag */
    stw_p(w++, 4);				/* u16 len */
    stw_p(w++, N8X0_RETU_GPIO);			/* s16 retu_irq_gpio */
    stw_p(w++, N8X0_TAHVO_GPIO);		/* s16 tahvo_irq_gpio */

    /* One record per table entry; the table ends at a NULL name */
    gpiosw = (model == 810) ? n810_gpiosw_info : n800_gpiosw_info;
    for (; gpiosw->name; gpiosw++) {
        stw_p(w++, OMAP_TAG_GPIO_SWITCH);	/* u16 tag */
        stw_p(w++, 20);				/* u16 len */
        /* Unbounded copy: relies on every table name fitting in 12 bytes */
        strcpy((void *) w, gpiosw->name);	/* char name[12] */
        w += 6;
        stw_p(w++, gpiosw->line);		/* u16 gpio */
        stw_p(w++, gpiosw->type);
        stw_p(w++, 0);
        stw_p(w++, 0);
    }

    stw_p(w++, OMAP_TAG_NOKIA_BT);		/* u16 tag */
    stw_p(w++, 12);				/* u16 len */
    /* This payload is byte-granular, so switch to a byte cursor */
    b = (void *) w;
    stb_p(b++, 0x01);				/* u8 chip_type	(CSR) */
    stb_p(b++, N8X0_BT_WKUP_GPIO);		/* u8 bt_wakeup_gpio */
    stb_p(b++, N8X0_BT_HOST_WKUP_GPIO);		/* u8 host_wakeup_gpio */
    stb_p(b++, N8X0_BT_RESET_GPIO);		/* u8 reset_gpio */
    stb_p(b++, BT_UART + 1);			/* u8 bt_uart */
    memcpy(b, &n8x0_bd_addr, 6);		/* u8 bd_addr[6] */
    b += 6;
    stb_p(b++, 0x02);				/* u8 bt_sysclk (38.4) */
    /* 12 bytes were written, so the 16-bit cursor stays 2-byte aligned */
    w = (void *) b;

    stw_p(w++, OMAP_TAG_WLAN_CX3110X);		/* u16 tag */
    stw_p(w++, 8);				/* u16 len */
    stw_p(w++, 0x25);				/* u8 chip_type */
    stw_p(w++, N8X0_WLAN_PWR_GPIO);		/* s16 power_gpio */
    stw_p(w++, N8X0_WLAN_IRQ_GPIO);		/* s16 irq_gpio */
    stw_p(w++, -1);				/* s16 spi_cs_gpio */

    stw_p(w++, OMAP_TAG_MMC);			/* u16 tag */
    stw_p(w++, 16);				/* u16 len */
    /* Two groups of flags/power/switch/wp values, differing per model */
    if (model == 810) {
        stw_p(w++, 0x23f);			/* unsigned flags */
        stw_p(w++, -1);				/* s16 power_pin */
        stw_p(w++, -1);				/* s16 switch_pin */
        stw_p(w++, -1);				/* s16 wp_pin */
        stw_p(w++, 0x240);			/* unsigned flags */
        stw_p(w++, 0xc000);			/* s16 power_pin */
        stw_p(w++, 0x0248);			/* s16 switch_pin */
        stw_p(w++, 0xc000);			/* s16 wp_pin */
    } else {
        stw_p(w++, 0xf);			/* unsigned flags */
        stw_p(w++, -1);				/* s16 power_pin */
        stw_p(w++, -1);				/* s16 switch_pin */
        stw_p(w++, -1);				/* s16 wp_pin */
        stw_p(w++, 0);				/* unsigned flags */
        stw_p(w++, 0);				/* s16 power_pin */
        stw_p(w++, 0);				/* s16 switch_pin */
        stw_p(w++, 0);				/* s16 wp_pin */
    }

    stw_p(w++, OMAP_TAG_TEA5761);		/* u16 tag */
    stw_p(w++, 4);				/* u16 len */
    stw_p(w++, N8X0_TEA5761_CS_GPIO);		/* u16 enable_gpio */
    /* Two bytes of padding, left unwritten */
    w++;

    /* One record per table entry; the table ends at a NULL name */
    partition = (model == 810) ? n810_part_info : n800_part_info;
    for (; partition->name; partition++) {
        stw_p(w++, OMAP_TAG_PARTITION);		/* u16 tag */
        stw_p(w++, 28);				/* u16 len */
        /* Unbounded copy: relies on every table name fitting in 16 bytes */
        strcpy((void *) w, partition->name);	/* char name[16] */
        /* The three 32-bit fields start right after the 16-byte name */
        l = (void *) (w + 8);
        stl_p(l++, partition->size);		/* unsigned int size */
        stl_p(l++, partition->offset);		/* unsigned int offset */
        stl_p(l++, partition->mask);		/* unsigned int mask_flags */
        w = (void *) l;
    }

    stw_p(w++, OMAP_TAG_BOOT_REASON);		/* u16 tag */
    stw_p(w++, 12);				/* u16 len */
    /* The disabled branch lists other reason strings; "pwr_key" is used */
#if 0
    strcpy((void *) w, "por");			/* char reason_str[12] */
    strcpy((void *) w, "charger");		/* char reason_str[12] */
    strcpy((void *) w, "32wd_to");		/* char reason_str[12] */
    strcpy((void *) w, "sw_rst");		/* char reason_str[12] */
    strcpy((void *) w, "mbus");			/* char reason_str[12] */
    strcpy((void *) w, "unknown");		/* char reason_str[12] */
    strcpy((void *) w, "swdg_to");		/* char reason_str[12] */
    strcpy((void *) w, "sec_vio");		/* char reason_str[12] */
    strcpy((void *) w, "pwr_key");		/* char reason_str[12] */
    strcpy((void *) w, "rtc_alarm");		/* char reason_str[12] */
#else
    strcpy((void *) w, "pwr_key");		/* char reason_str[12] */
#endif
    w += 6;

    tag = (model == 810) ? "RX-44" : "RX-34";
    stw_p(w++, OMAP_TAG_VERSION_STR);		/* u16 tag */
    stw_p(w++, 24);				/* u16 len */
    strcpy((void *) w, "product");		/* char component[12] */
    w += 6;
    strcpy((void *) w, tag);			/* char version[12] */
    w += 6;

    stw_p(w++, OMAP_TAG_VERSION_STR);		/* u16 tag */
    stw_p(w++, 24);				/* u16 len */
    strcpy((void *) w, "hw-build");		/* char component[12] */
    w += 6;
    /* The only externally supplied string here; pstrcat() is given the
     * 12-byte field size as its buffer size.  */
    strcpy((void *) w, "QEMU ");
    pstrcat((void *) w, 12, qemu_hw_version()); /* char version[12] */
    w += 6;

    tag = (model == 810) ? "1.1.10-qemu" : "1.1.6-qemu";
    stw_p(w++, OMAP_TAG_VERSION_STR);		/* u16 tag */
    stw_p(w++, 24);				/* u16 len */
    strcpy((void *) w, "nolo");			/* char component[12] */
    w += 6;
    strcpy((void *) w, tag);			/* char version[12] */
    w += 6;

    /* Byte count, computed with arithmetic on void pointers */
    return (void *) w - p;
}
1288 
/*
 * atag_board hook of n800_binfo: writes the N800 record list into p and
 * returns what n8x0_atag_setup() returns.  info is not used.
 */
static int n800_atag_setup(const struct arm_boot_info *info, void *p)
{
    const int model = 800;

    return n8x0_atag_setup(p, model);
}
1293 
/*
 * atag_board hook of n810_binfo: writes the N810 record list into p and
 * returns what n8x0_atag_setup() returns.  info is not used.
 */
static int n810_atag_setup(const struct arm_boot_info *info, void *p)
{
    const int model = 810;

    return n8x0_atag_setup(p, model);
}
1298 
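/*
 * Shared machine init for the N800 (model == 800) and N810 (model == 810).
 *
 * Checks the RAM size, maps RAM at OMAP2_Q2_BASE, creates the OMAP2420 and
 * the board peripherals, then prepares booting from a directly loaded
 * kernel and/or from the first option ROM (the NOLO bootloader image).
 *
 * machine: the machine being created
 * binfo:   boot info for this model; its ram_size is filled in here
 * model:   800 or 810, selects the touchscreen and keyboard setup
 *
 * Exits the process if the RAM size is not the class default or if the
 * option ROM cannot be loaded.
 */
static void n8x0_init(MachineState *machine,
                      struct arm_boot_info *binfo, int model)
{
    struct n800_s *s = g_malloc0(sizeof(*s));
    MachineClass *mc = MACHINE_GET_CLASS(machine);

    /* The board model only supports the class default RAM size */
    if (machine->ram_size != mc->default_ram_size) {
        char *sz = size_to_str(mc->default_ram_size);
        error_report("Invalid RAM size, should be %s", sz);
        g_free(sz);
        exit(EXIT_FAILURE);
    }
    binfo->ram_size = machine->ram_size;

    memory_region_add_subregion(get_system_memory(), OMAP2_Q2_BASE,
                                machine->ram);

    s->mpu = omap2420_mpu_init(machine->ram, machine->cpu_type);

    /* Setup peripherals
     *
     * Believed external peripherals layout in the N810:
     * (spi bus 1)
     *   tsc2005
     *   lcd_mipid
     * (spi bus 2)
     *   Conexant cx3110x (WLAN)
     *   optional: pc2400m (WiMAX)
     * (i2c bus 0)
     *   TLV320AIC33 (audio codec)
     *   TCM825x (camera by Toshiba)
     *   lp5521 (clever LEDs)
     *   tsl2563 (light sensor, hwmon, model 7, rev. 0)
     *   lm8323 (keypad, manf 00, rev 04)
     * (i2c bus 1)
     *   tmp105 (temperature sensor, hwmon)
     *   menelaus (pm)
     * (somewhere on i2c - maybe N800-only)
     *   tea5761 (FM tuner)
     * (serial 0)
     *   GPS
     * (some serial port)
     *   csr41814 (Bluetooth)
     */
    n8x0_gpio_setup(s);
    n8x0_nand_setup(s);
    n8x0_i2c_setup(s);
    if (model == 800) {
        n800_tsc_kbd_setup(s);
    } else if (model == 810) {
        n810_tsc_setup(s);
        n810_kbd_setup(s);
    }
    n8x0_spi_setup(s);
    n8x0_dss_setup(s);
    n8x0_cbus_setup(s);
    if (machine_usb(machine)) {
        n8x0_usb_setup(s);
    }

    if (machine->kernel_filename) {
        /* Or at the linux loader.  */
        arm_load_kernel(s->mpu->cpu, machine, binfo);

        /* No bootloader runs on this path, so redo its setup on reset */
        qemu_register_reset(n8x0_boot_init, s);
    }

    if (option_rom[0].name &&
        (machine->boot_order[0] == 'n' || !machine->kernel_filename)) {
        /*
         * Zero-filled on purpose: the whole 0x10000-byte buffer is copied
         * into guest SRAM below, so any byte that n800_setup_nolo_tags()
         * does not write must not carry stale host heap contents into the
         * guest.
         */
        uint8_t *nolo_tags = g_malloc0(0x10000);
        /* No, wait, better start at the ROM.  */
        s->mpu->cpu->env.regs[15] = OMAP2_Q2_BASE + 0x400000;

        /*
         * This is intended for loading the `secondary.bin' program from
         * Nokia images (the NOLO bootloader).  The entry point seems
         * to be at OMAP2_Q2_BASE + 0x400000.
         *
         * The `2nd.bin' files contain some kind of earlier boot code and
         * for them the entry point needs to be set to OMAP2_SRAM_BASE.
         *
         * The code above is for loading the `zImage' file from Nokia
         * images.
         *
         * The size limit passed here is the RAM that remains above the
         * 0x400000 load offset.
         */
        if (load_image_targphys(option_rom[0].name,
                                OMAP2_Q2_BASE + 0x400000,
                                machine->ram_size - 0x400000) < 0) {
            error_report("Failed to load secondary bootloader %s",
                         option_rom[0].name);
            exit(EXIT_FAILURE);
        }

        n800_setup_nolo_tags(nolo_tags);
        cpu_physical_memory_write(OMAP2_SRAM_BASE, nolo_tags, 0x10000);
        g_free(nolo_tags);
    }
}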
1396 
/* Boot parameters for the N800; n800_init() passes this to n8x0_init(). */
static struct arm_boot_info n800_binfo = {
    .board_id = 0x4f7,
    .loader_start = OMAP2_Q2_BASE,
    .atag_board = n800_atag_setup,      /* writes the board record list */
};
1402 
/* Boot parameters for the N810; n810_init() passes this to n8x0_init(). */
static struct arm_boot_info n810_binfo = {
    /*
     * The ids 0x60c and 0x6bf (WiMAX Edition) have been assigned, but some
     * older bootloader versions, including ones that shipped with many
     * devices, do not use them and use 5555 instead.
     */
    .board_id = 0x60c,
    .loader_start = OMAP2_Q2_BASE,
    .atag_board = n810_atag_setup,      /* writes the board record list */
};
1411 
/* MachineClass init hook for "n800": shared init with the N800 boot info. */
static void n800_init(MachineState *machine)
{
    const int model = 800;

    n8x0_init(machine, &n800_binfo, model);
}
1416 
/* MachineClass init hook for "n810": shared init with the N810 boot info. */
static void n810_init(MachineState *machine)
{
    const int model = 810;

    n8x0_init(machine, &n810_binfo, model);
}
1421 
/* Class init for the "n800" machine type: sets the fixed board properties. */
static void n800_class_init(ObjectClass *oc, void *data)
{
    MachineClass *board = MACHINE_CLASS(oc);

    board->init = n800_init;
    board->desc = "Nokia N800 tablet aka. RX-34 (OMAP2420)";
    board->default_cpu_type = ARM_CPU_TYPE_NAME("arm1136-r2");
    board->default_boot_order = "";

    /* Actually two chips of 0x4000000 bytes each.  n8x0_init() refuses to
     * start with any other RAM size.  */
    board->default_ram_size = 0x08000000;
    board->default_ram_id = "omap2.dram";

    /* Legacy behaviour: failed memory transactions (for example accesses
     * to addresses no device is mapped at) are ignored instead of raising
     * a fault in the guest.  */
    board->ignore_memory_transaction_failures = true;
}
1435 
/* QOM type record for the "n800" machine; registered in
 * nseries_machine_init().  */
static const TypeInfo n800_type = {
    .parent = TYPE_MACHINE,
    .name = MACHINE_TYPE_NAME("n800"),
    .class_init = n800_class_init,
};
1441 
/* Class init for the "n810" machine type: sets the fixed board properties. */
static void n810_class_init(ObjectClass *oc, void *data)
{
    MachineClass *board = MACHINE_CLASS(oc);

    board->init = n810_init;
    board->desc = "Nokia N810 tablet aka. RX-44 (OMAP2420)";
    board->default_cpu_type = ARM_CPU_TYPE_NAME("arm1136-r2");
    board->default_boot_order = "";

    /* Actually two chips of 0x4000000 bytes each.  n8x0_init() refuses to
     * start with any other RAM size.  */
    board->default_ram_size = 0x08000000;
    board->default_ram_id = "omap2.dram";

    /* Legacy behaviour: failed memory transactions (for example accesses
     * to addresses no device is mapped at) are ignored instead of raising
     * a fault in the guest.  */
    board->ignore_memory_transaction_failures = true;
}
1455 
/* QOM type record for the "n810" machine; registered in
 * nseries_machine_init().  */
static const TypeInfo n810_type = {
    .parent = TYPE_MACHINE,
    .name = MACHINE_TYPE_NAME("n810"),
    .class_init = n810_class_init,
};
1461 
/* Register both N-series machine types, N800 first. */
static void nseries_machine_init(void)
{
    static const TypeInfo *const machine_types[] = {
        &n800_type,
        &n810_type,
    };
    size_t i;

    for (i = 0; i < sizeof(machine_types) / sizeof(machine_types[0]); i++) {
        type_register_static(machine_types[i]);
    }
}

type_init(nseries_machine_init)
1469